Denial-of-Service Attacks
Abstract
Availability requires that computer systems function normally without loss of resources to legitimate users. One of the most challenging issues for availability is the denial-of-service (DoS) attack. DoS attacks constitute one of the major threats and are among the hardest security problems in today’s Internet. The main aim of a DoS attack is the disruption of services by attempting to limit access to a machine or service. Depending on the attackers’ strategy, the target resources may be the file system space, the process space, the network bandwidth, or the network connections. These attacks achieve their goal by sending a stream of packets to a victim in order to exhaust its network bandwidth or its processing capacity, denying or degrading service to legitimate users. There have been some large-scale attacks targeting high-profile Internet sites [1–3]. Distributed denial-of-service (DDoS) attacks add the many-to-one dimension to the DoS problem, making the prevention and mitigation of such attacks more difficult and the impact proportionally severe. These attacks use many Internet hosts in order to exhaust the resources of the target and cause DoS to legitimate clients. The traffic is usually so aggregated that it is difficult to distinguish legitimate packets from attack packets. More importantly, the attack volume can be larger than the system can handle. There are no apparent characteristics of DDoS streams that could be used directly and wholesale for their detection and filtering. The attacks achieve their desired effect by sending large amounts of network traffic and by varying packet fields in order to avoid characterization and tracing. Extremely sophisticated, “user-friendly,” and powerful DDoS toolkits are available to potential attackers, increasing the danger of becoming a victim in a DoS or a DDoS attack, as essential systems are ill prepared to defend themselves.
The consequences of DoS attacks are extremely serious and financially disastrous, as can be seen by frequent headlines naming the most recent victim of a DoS attack. In February 2001, University of California at San Diego (UCSD) [3] network researchers from the San Diego Supercomputer Center (SDSC) and the Jacobs School of Engineering analyzed the pattern of DoS attacks against the computers of corporations, universities, and private individuals. They proposed a new technique, called “backscatter analysis.” This technique estimates the worldwide DoS activity. This research provided the only data
Similar resources
HF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
Detecting Denial of Service Message Flooding Attacks in SIP based Services
Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol (SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation deficiencies cause some security concerns in SIP based infra...
Neural Network Based Protection of Software Defined Network Controller against Distributed Denial of Service Attacks
Software Defined Network (SDN) is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers (the data level). Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main contro...
Moving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...
Mechanized Proof of Resistance of Denial of Service Attacks in Voting Protocol with ProVerif
Resistance of denial of service attacks is a key security requirement in voting protocols. Acquisti protocol plays an important role in development of internet voting protocols and claims its security without strong physical assumptions. In this study firstly Acquisti protocol is modeled in extended applied pi calculus, and then resistance of denial of service attacks is proved with ProVerif. T...
What do we mean by Network Denial of Service?
Recent network denial-of-service attacks have brought about awareness of the vulnerability of increasingly important network services. While denial of service is not a new problem, and some of the network aspects of denial of service have been addressed, there is currently no unifying definition of what constitutes network denial of service. The goal of this paper is to propose a definition of ...